<?php
   // ************************************************************************
   // **                                                                    **
   // **          This original software was designed and coded by          **
   // **                                                                    **
   // **                         David A. Goldsmith                         **
   // **                                                                    **
   // **                       dave106@wonderdave.com                       **
   // **                                                                    **
   // **                          March/April 2005                          **
   // **            Revised for Galileo High School, August 2009            **
   // **                                             July   2010            **
   // **                       piperd@galileoweb.org                        **	
   // **                                                                    **
   // ************************************************************************
?>


<html>
<title>Computer Lab Signup System Administration</title>

<link rel="stylesheet" href="LAB-Admin.css" type="text/css">

<center>
   <font color="#770000" size=5><b><u>Computer Lab Signup System Administration</u></b></font><br><br>
   <font color="#800080" size=4><b>Add / Edit / Delete Computer Labs</b></font>
</center>
<br><br><br>


<script language="JavaScript" type="text/javascript">
   function ConfirmDelete(Room)
   {
      var Answer1 = confirm('Are you sure that you want to permanently\n' +
                            'REMOVE the ENTIRE lab signup calendar for\n' +
                            'room ' + Room + '?\n\n' +
                            '( OK = Yes    Cancel = No )');

      if (Answer1)
      {
         var Answer2 = confirm('When you REMOVE a lab schedule, the\n' +
                               'entire lab calendar and teacher signups\n' +
                               'are deleted and CANNOT be recovered.\n\n' +
                               'Are you absolutely positive that you want\n' +
                               'to ERASE lab ' + Room + ' from the system?\n\n' +
                               '( OK = Yes    Cancel = No )');
      }
      else { return false; }

      if (Answer2)
      {
         return confirm('You have yet another chance here to back out of\n' +
                        'a potentially foolish decision that you are making.\n\n' +
                        'OK        =  Yeah, let\'s delete this lab!\n' +
                        'Cancel  =  No, I\'ve changed my mind');
      }
      else { return false; }
   }
</script>


<?php
   include("Configure.php");


   // In case the "register_globals" PHP directive is off, make sure all of the passed form variables are accessible
   $Copy        =  mysql_real_escape_string($_POST['Copy']);
   $DeleteLab   = $_POST['DeleteLab'];
   $Description = $_POST['Description'];
   $NewRoom     =  mysql_real_escape_string($_POST['NewRoom']);
   $Room        =  mysql_real_escape_string($_POST['Room']);
   $Submit      = $_POST['Submit'];


   function CheckForBadChars($String)
   {
      // Replace, eliminate, and/or "escape" specific "problem" characters in string variables
      $String = str_replace("\\", '', $String);
      $String = str_replace("'", '\\\'', $String);
      $String = str_replace('"', '\\"', $String);
      $String = trim($String);

      return $String;
   }

   // Make sure quotation marks and apostrophes are handled properly in the lab description
   $Description = CheckForBadChars($Description);

   if ($NewRoom)
      $Room = $NewRoom;
   //if ($Copy)
   //   $Copy = substr($Copy, 5);


   // See if a computer lab has been entered
   if ($Room)
   {
      // Determine if the computer lab already exists in the "Labs" table
      $Query = mysql_query("SELECT Description FROM Labs WHERE Room='$Room'", $DB);
      $Data = mysql_fetch_array($Query);
      $NumRecords = mysql_num_rows($Query);
      $Suffix = str_replace(" ", "_", $Room); 
   }


   // See if a submission has been made of computer lab information to be added/edited/deleted
   if ($Submit)
   {
      // The computer lab information IS valid; add/update/delete the information to/in/from the "Labs" table
     
      if ($NumRecords == 0)
      {
         $Query = mysql_query("CREATE TABLE LabSignups$Suffix (Date     date        NOT NULL default '0000-00-00',
                                                             Schedule varchar(20) NOT NULL default '',
                                                             Signup1  varchar(25) NOT NULL default '',
                                                             Signup2  varchar(25) NOT NULL default '',
                                                             Signup3  varchar(25) NOT NULL default '',
                                                             Signup4  varchar(25) NOT NULL default '',
                                                             Signup5  varchar(25) NOT NULL default '',
                                                             Signup6  varchar(25) NOT NULL default '',
                                                             Signup7  varchar(25) NOT NULL default '',
                                                             Signup8  varchar(25) NOT NULL default '',
                                                             PRIMARY KEY (Date)) TYPE=MYISAM", $DB);

         if ($Copy)
	 {
            $OtherSuff = str_replace(" ", "_", $Copy);		
            $Query = mysql_query("INSERT INTO LabSignups$Suffix (Date, Schedule) SELECT Date, Schedule
                                         FROM LabSignups$OtherSuff", $DB);
	 }

         $Query = mysql_query("INSERT INTO Labs (Room, Description) VALUES ('$Room', '$Description')", $DB);
      }


      if (($NumRecords > 0) and (! $DeleteLab))
           $Query = mysql_query("UPDATE Labs SET Description='$Description' WHERE Room='$Room'", $DB);


      if ($DeleteLab)
      {
         $Query = mysql_query("DROP TABLE LabSignups$Suffix", $DB);

         $Query = mysql_query("DELETE FROM Labs WHERE Room='$Room' LIMIT 1", $DB);
      }


      // Allow another lab daily schedule to be added/edited/deleted
      echo "<script language='JavaScript'>alert('Database Updated');</script>";
      echo "<body onLoad=\"location.replace('EditLab.php')\">";
   }


   if (! $Room)
   {
      // A computer lab name has NOT been entered; set the focus to the appropriate object
      echo "<body onLoad='document.ContinueForm.NewRoom.focus()'>";

      echo "<table align=center border=0 cellpadding=0 cellspacing=0>";
      echo "<form name='ContinueForm' method='post' action='EditLab.php'>";


      // Retrieve the lab names of the computer labs from the "Labs" table
      $Query = mysql_query("SELECT Room FROM Labs ORDER BY Room", $DB);

      // Display a pulldown menu of all of the computer lab names in the "Labs" table
      echo "<td valign=top align=center><font face='Arial' size=3 color='#000000'>";
      echo "<b>Choose an existing lab:</b></font><br><br>";

      echo "<select name='Room'>";
      echo "<option selected>";
      while ($Data = mysql_fetch_array($Query))
      {
         $TempRoom = $Data["Room"];
         echo "<option>$TempRoom";
      }
      echo "</select></td></center><br>";


      echo "<td valign=top align=center width=100><b><font face='Arial' size=3 color='#c00000'>OR</font></b></td>";


      echo "<td valign=top align=center height=120><b><font face='Arial' size=3 color='#000000'>";
      echo "Enter a new lab name:</font></b><br><br>";
      echo "<input type='text' name='NewRoom' size=30 maxlength=25></td></tr>";


      echo "<tr><td colspan=3 align=center><input type='submit' name='Continue' value='Continue' ";
      echo "style='width:80px;font-weight:bold;color:#006000'> &nbsp; &nbsp; &nbsp; &nbsp; ";

      // Display a button that returns to the Main Menu
      echo "<input type='button' value='Return to Main Menu' ";
      echo "style='width:154px;font-weight:bold;color:#000090' ";
      echo "onClick=\"location.replace('AdminMenu.php')\">";
      echo "</td></tr>";
      echo "</form></table>";
   }


   if (($Room) and (! $Submit))
   {
      // A computer lab room number HAS been entered; set the focus to the appropriate object
      if ($NumRecords == 0)
         echo "<body onLoad='document.LabForm.Description.focus()'>";


      echo "<center><form name='LabForm' method='post' action='EditLab.php'>";
      echo "<input type='hidden' name='Room' value='$Room'>";

      echo "<b><font face='Arial' size=3 color='#000000'>";
      echo "Computer Lab:</font></b> &nbsp; &nbsp;";
      echo "<font size=4 color='#000090'><b>$Room</b></font><br><br><br><br>";


      $Description = $Data["Description"];

      // Temporarily remove all backslashes and convert any quotation marks in the lab description to character
      //  entity references so that the description can be displayed in the form textbox below
      $TempDescription = str_replace("\\", '', $Description);
      $TempDescription = str_replace('"', '&quot;', $TempDescription);

      echo "<b><font face='Arial' size=3 color='#000000'>";
      echo "Lab Description:</font></b><br><br>";
      echo "<input type='text' name='Description' value=\"$TempDescription\" size=137 maxlength=120><br><br><br><br>";


      // If this is a NEW lab that is being added, provide the option of copying an existing lab calendar to the new lab
      if ($NumRecords == 0)
      {
         // Retrieve the room numbers of the existing computer labs from the "Labs" table
         $Query = mysql_query("SELECT Room FROM Labs ORDER BY Room", $DB);

         // Display a pulldown menu of all of the existing computer lab room numbers in the "Labs" table
         echo "<font face='Arial' size=3 color='#000000'>";
         echo "<b>Copy lab calendar from:</b></font><br><br>";

         echo "<select name='Copy'>";
         echo "<option selected>";
         while ($Data = mysql_fetch_array($Query))
         {
            $TempRoom = $Data["Room"];
            echo "<option>$TempRoom";
         }
         echo "</select><br><br><br><br><br>";
      }


      // Determine whether or not the current lab daily schedule can be removed; the daily schedule can only be deleted
      //  if the schedule is not presently being used in the current week or in any future weeks
      if ($NumRecords > 0)
      {
         echo "<input type='checkbox' name='DeleteLab' ";
         echo "onClick='if (checked) { return ConfirmDelete($Room) }'>";
         echo "<b>Delete Computer Lab</b><br><br><br><br><br>";
      }


      // Display a button that saves the added/edited/deleted teacher information
      echo "<input type='submit' name='Submit' value='Save Information' ";
      echo "style='width:130px;font-weight:bold;color:#006000'> &nbsp; &nbsp; &nbsp; &nbsp; ";

      // Display a button that cancels any unsaved changes and restarts the add/edit/delete teacher information process
      echo "<input type='button' value='Cancel' ";
      echo "style='width:80px;font-weight:bold;color:#c00000' ";
      echo "onClick=\"location.replace('EditLab.php')\"> &nbsp; &nbsp; &nbsp; &nbsp; ";

      // Display a button that returns to the main menu (without saving any changes)
      echo "<input type='button' value='Return to Main Menu' ";
      echo "style='width:154px;font-weight:bold;color:#000090' ";
      echo "onClick=\"location.replace('AdminMenu.php')\">";
      echo "</form></center>";
   }
?>


</body>

</html>
